Abstract
Supervisory Control and Data Acquisition (SCADA) systems have been in use for decades. They provide remote management and monitoring capabilities for Industrial Control Systems (ICS) such as power plants, trains, water treatment plants, and dams. In recent years, SCADA systems have been targeted by malicious attackers. The Modbus TCP/IP protocol, which is the standard communication protocol used by many SCADA systems for network communication, is unencrypted and therefore it is insecure by design. In this research, cost-effective design and implementation of a custom SCADA testbed is proposed to assess common vulnerabilities and exploits in real-world Industrial Control Systems. A solution is then proposed to prevent these types of vulnerabilities from being exploited on real-world systems by implementing a secure tunnel.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
This paper is the extended version of the two conference papers with more details, the source codes, the list of materials for building the testbed, and a new security solution to prevent attacks.
References
BlackEnergy APT attacks \(|\) what is BlackEnergy? \(|\) kaspersky lab US. Accessed 23 Feb 2019
Check our numbers. Accessed 29 Mar 2019
Code for the HMI and PLC. Accessed 29 Mar 2019
E-ISAC\(\_\)sans\(\_\)ukraine\(\_\)duc\(\_\)5.pdf. Accessed 23 Feb 2019
EBOOK\(\_\)cyberattacks-AGAINST-UKRAINIAN-ICS.pdf. Accessed 23 Feb 2019
Ettercap home page. Accessed 23 Feb 2019
Getting started - metasploit. Accessed 23 Feb 2019
HMI software by AdvancedHMI, application creation framework. Accessed 23 Feb 2019
Introduction to cisco IPsec technology - cisco. Accessed 23 Feb 2019
modbus-discover NSE script. Accessed 23 Feb 2019
Modbus TCP/IP overview. Accessed 23 Feb 2019
Modbus version scanner \(|\) rapid7. Accessed 23 Feb 2019
National SCADA test bed
Nmap: the network mapper - free security scanner. Accessed 23 Feb 2019
Spear phishing definition and prevention kaspersky lab US. Accessed 23 Feb 2019
Spoofing attack: IP, DNS & ARP. Accessed 23 Feb 2019
Stuxnet. Accessed 23 Feb 2019
Trisis malware. Analysis of safety system targeted malware. Accessed 10 Mar 2019
Triton is the world’s most murderous malware, and it’s spreading. Accessed 10 Mar 2019
VPN software solutions & services for business. Accessed 23 Feb 2019
Vulnerability & exploit database \(|\) rapid7. Accessed 23 Feb 2019
What is a TCP SYN flood \(|\) DDoS, attack glossary \(|\) incapsula. Accessed 23 Feb 2019
What is modbus and how does it work? Accessed 23 Feb 2019
Wireshark \(\cdot \) go deep. Accessed 23 Feb 2019
Ahmed, I., Roussev, V., Johnson, W., Senthivel, S., Sudhakaran, S.: A scada system testbed for cybersecurity and forensic research and pedagogy. In: Proceedings of the 2Nd Annual Industrial Control System Security Workshop, ICSS 2016, pp. 1–9. ACM, New York (2016)
Alves, T., Das, R., Werth, A., Morris, T.: Virtualization of scada testbeds for cybersecurity research: a modular approach. In: 2015 Joint International Mechanical, Electronic and Information Technology Conference (JIMET-15). Atlantis Press (2015)
Del Canto, C.J., Prada, M.A., Fuertes, J.J., Alonso, S., Domínguez, M.: Remote laboratory for cybersecurity of industrial control systems. IFAC-PapersOnLine 48(29), 13–18 (2015)
Chabukswar, R., Sinopoli, B. Karsai, G., Giani, A. Neema, H., Davis, A.: Simulation of network attacks on SCADA systems. In: First Workshop on Secure Control Systems, Cyber Physical Systems Week 2010, April 2010
Domínguez, M., Prada, M.A., Reguera, P., Fuertes, J.J., Alonso, S., Morán, A.: Cybersecurity training in control systems using real equipment. IFAC-PapersOnLine 50(1), 12179–12184 (2017)
Korkmaz, E., Dolgikh, A., Davis, M., Skormin, V.: Industrial control systems security testbed (2016)
Stranahan, J., Soni, T., Heydari, V.: Supervisory control and data acquisition testbed for research and education. In: 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC), pp. 0085–0089, January 2019
Stranahan, J. Soni, T., Heydari, V.: Supervisory control and data acquisition testbed vulnerabilities and attacks. In: SoutheastCon 2019 (to appear), April 2019
Qu, W., Wei, W., Zhu, S., Zhao, Y.: The study of security issues for the industrial control systems communication protocols. In: 2015 Joint International Mechanical, Electronic and Information Technology Conference (JIMET-15). Atlantis Press (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Stranahan, J., Soni, T., Carpenter, J., Heydari, V. (2021). SCADA Testbed Implementation, Attacks, and Security Solutions. In: Arai, K. (eds) Advances in Information and Communication. FICC 2021. Advances in Intelligent Systems and Computing, vol 1363. Springer, Cham. https://doi.org/10.1007/978-3-030-73100-7_53
Download citation
DOI: https://doi.org/10.1007/978-3-030-73100-7_53
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-73099-4
Online ISBN: 978-3-030-73100-7
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)